This is disabled by default because most users will still want to detect and block attacks from whitelisted IP, although they may not want to shun them. You should only put hosts on the whitelist that you know will never be compromised.